I can't set sufficient secure parameters for Diffie-Hellman key exchange on a LAMP stack

Help
1

I have created a file in /etc/ssh/certs and named it dhparam.pem (I also tried ffdhe4096.txt). And added the parameters in it. In /etc/letsencrypt/options-ssl-apache.com I have added the line: SSLOpenSSLConfCmd DHParameters /etc/ssl/certs/dhparam.pem and restarted apache.

I have tried different locations and names without luck.

Thanks!

1 Like
2

Are you required to use DHE ciphers?
They are difficult to use.

3 Likes
3

No, I am not required. I can't find much about how to use DHE ciphers online.

4

There are two parts to DHE and the second part is non-negotiable.
If the client and server aren't set exactly to match, it will fail.

In 2023, pretty much no one uses it [anymore].

I would just remove all DHE ciphers.

4 Likes
5

Oh, I see.

6

Check your site with: SSLLabs.com

4 Likes
7

Thanks, I get this: SSL Server Test: www.i-bet.io (Powered by Qualys SSL Labs)

8

I have 2 DHE 128 and 256.

9

This is my cypherlist: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

10

It looks fine.

4 Likes
11

This is my cypherlist: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:

Do I delete this to delete the 2 DHE ciphers?

DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

12

That's up to you, but yes, you can. Have a look on ssl-config.mozilla.org if you want more ideas.

5 Likes
13

Yes, I would.
DHE and ECDHE are NOT the same thing.

4 Likes
14

I would add

SSLHonorCipherOrder     off
5 Likes
15

It is the second parameter that usually causes the problems:
2048/3072/4096/etc...

3 Likes
16

If using DHE, that would make sense - but would not ensure compatibility 100%.
If not using DHE, then I would leave it on.

2 Likes
17

You usually want devices preferring ChaCha20 to use it instead of AES.

3 Likes
18

maybe you do - LOL
I prefer TLSv1.3 but I can't --force it on anyone [yet]
I'm still not a master jedi!

2 Likes
19

I mean, yeah, a lot of ARM platforms don't have the AES-NI instruction set.

TLS 1.3 pretty much uses ChaCha20 and AES (128 and 256).

3 Likes
20

In a future/perfect world [of IT]...
There would be a "magic button" that says:
"Tell me what I'm doing wrong and fix it for me"

3 Likes